When you provide your organization’s employees and their computers with network connectivity through network access servers, such as virtual private network (VPN) servers, wireless access points, and dial-up servers, you can use NPS to create, centrally manage, and enforce the network access policies that determine whether users and computers can or cannot access the network.

During a connection attempt, users and computers typically provide account credentials in the form of a user name and password or a certificate. NPS can examine these credentials and use them to verify the identity of – or authenticate – the user or computer before allowing network access. NPS can also determine whether the user or computer has permission to access the network by authorizing the connection request against user account properties, network policies that you have created, or both.

NPS provides you with the advantage of configuring network policies at one server (the server running NPS) that are applied at many servers (the network access servers). For example, if you have 10 wireless access points and are not using NPS, you must configure access policies 10 times; but if you use NPS, you must configure each policy only one time.

By using NPS, you can centrally manage network access for organizations of all sizes, including small businesses, medium organizations, enterprise-level organizations, and Internet service providers (ISPs). NPS provides you with the ability to secure and manage network access across a variety of network access scenarios such as the following: